<%@include file="header.html" %>
<%
String banner = "banner.html";
if(session.getAttribute("Userid")==null)
	{banner = "banner.html";}
else
{
	if(session.getAttribute("Usertype")=="S")
	{
	banner = "sellerbanner.html";
	}
	else
	{
		banner = "customerbanner.html";
	}
	
}
%>
<jsp:include page= "<%=banner %>"/>
<%@ page import="java.sql.*"%> 
<%@ page import="oracle.jdbc.pool.OracleDataSource"%> 
 
<!-- Database lookup --> 
<% 
 Connection conn = null; 
 ResultSet rset = null; 
 String error_msg = ""; 
 try { 
 OracleDataSource ods = new OracleDataSource(); 
 
 ods.setURL("jdbc:oracle:thin:sw2848/abc123@//w4111f.cs.columbia.edu:1521/ADB"); 
 conn = ods.getConnection(); 
 Statement stmt = conn.createStatement(); 
 
 
 // Here should be the userid of order(meaning user's id~)
 rset = stmt.executeQuery("select o.userid, P.name, P.price, P.description from product p, orders o where p.productid = o.productid and o.userid = '" + session.getAttribute("Userid")+"'"); 

 
 } catch (SQLException e) { 
 error_msg = e.getMessage(); 
 if( conn != null ) { 
 conn.close(); 
 } 
 } 
%> 
 
<html> 
<head> 
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> 
<title>Order</title> 
</head> 
<body> 
 <H2>***********Order***********</H2> 
 
 <hr noshade size=7 color=blue>


 <TABLE> 
 <tr> 
 <td>Purchased_By</td>><td>name</td><td>price</td><td>description</td>
 </tr> 
 <tr> 
 <td><b>----------</b></td><td><b>----------</b></td><td><b>----------</b></td><td><b>----------</b></td><td><b>----------</b></td>
 </tr>
 <% 
 if(rset != null) { 
 while(rset.next()) { 
 out.print("<tr>"); 
 out.print("<td>" + rset.getInt("userid") + "</td><td>" + rset.getString("name") + "</td><td>" + 
		 rset.getFloat("price") + "</td><td>" + rset.getString("description")); 
 
 out.print("</tr>"); 
 
 } 
 } else { 
 out.print(error_msg); 
 } 
 if( conn != null ) { 
 conn.close(); 
 } 
 %> <%@include file="footer.html" %>
</body> 
</html>